• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <stddef.h>
18 #include <stdint.h>
19 
20 #include <algorithm>
21 
22 #include "perfetto/base/logging.h"
23 #include "perfetto/ext/base/utils.h"
24 #include "perfetto/protozero/scattered_stream_null_delegate.h"
25 #include "perfetto/protozero/scattered_stream_writer.h"
26 #include "src/traced/probes/ftrace/cpu_reader.h"
27 #include "src/traced/probes/ftrace/ftrace_config_muxer.h"
28 #include "src/traced/probes/ftrace/test/cpu_reader_support.h"
29 #include "src/tracing/core/null_trace_writer.h"
30 
31 #include "protos/perfetto/trace/ftrace/ftrace_event_bundle.pbzero.h"
32 
33 namespace perfetto {
34 namespace {
35 
36 uint8_t g_page[base::kPageSize];
37 
38 }  // namespace
39 
40 using perfetto::protos::pbzero::FtraceEventBundle;
41 
42 void FuzzCpuReaderParsePage(const uint8_t* data, size_t size);
43 void FuzzCpuReaderProcessPagesForDataSource(const uint8_t* data, size_t size);
44 
45 // TODO(rsavitski): make the fuzzer generate multi-page payloads.
FuzzCpuReaderProcessPagesForDataSource(const uint8_t * data,size_t size)46 void FuzzCpuReaderProcessPagesForDataSource(const uint8_t* data, size_t size) {
47   ProtoTranslationTable* table = GetTable("synthetic");
48   if (!table) {
49     PERFETTO_FATAL(
50         "Could not read table. "
51         "This fuzzer must be run in the root directory.");
52   }
53   memset(g_page, 0, base::kPageSize);
54   memcpy(g_page, data, std::min(base::kPageSize, size));
55 
56   FtraceMetadata metadata{};
57   FtraceDataSourceConfig ds_config{EventFilter{},
58                                    DisabledCompactSchedConfigForTesting(),
59                                    {},
60                                    {},
61                                    /*symbolize_ksyms=*/false};
62   ds_config.event_filter.AddEnabledEvent(
63       table->EventToFtraceId(GroupAndName("sched", "sched_switch")));
64   ds_config.event_filter.AddEnabledEvent(
65       table->EventToFtraceId(GroupAndName("ftrace", "print")));
66 
67   NullTraceWriter null_writer;
68   CpuReader::ProcessPagesForDataSource(
69       &null_writer, &metadata, /*cpu=*/0, &ds_config, g_page, /*pages_read=*/1,
70       table, /*symbolizer*/ nullptr, /*ftrace_clock_snapshot=*/nullptr,
71       protos::pbzero::FTRACE_CLOCK_UNSPECIFIED);
72 }
73 
74 }  // namespace perfetto
75 
76 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size);
77 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)78 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
79   perfetto::FuzzCpuReaderProcessPagesForDataSource(data, size);
80   return 0;
81 }
82